exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-11-15

Faraday 3.9.3
Posted Nov 15, 2019
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed unicode error when exporting vulns to CSV. Added vuln attributes to CSV. Fixed hostname parsing and add external ID to Qualys plugin.
tags | tool, rootkit
systems | unix
MD5 | e9d1cbf8b419cc843f9317a9a4489be6
FreeRadius 3.0.19 Logrotate Privilege Escalation
Posted Nov 15, 2019
Authored by Wolfgang Hotwagner

FreeRadius versions 3.0.19 and below suffer from a privilege escalation vulnerability via insecure logrotate use.

tags | exploit
advisories | CVE-2019-10143
MD5 | 38f7cd44ce6153a2cf84f8f2f5819066
Raritan CommandCenter Secure Gateway Cross Site Scripting
Posted Nov 15, 2019
Authored by Okan Coskun, Alp Hisim

Raritan CommandCenter Secure Gateway versions prior to 8.0.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a71df70e983939b7c7a0b9688e5bed94
Raritan CommandCenter Secure Gateway XML Injection
Posted Nov 15, 2019
Authored by Okan Coskun, Faruk Unal

Raritan CommandCenter Secure Gateway versions prior to 8.0.0 suffer from an XML external entity injection vulnerability. A remote unauthenticated attacker may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts by using this vulnerability.

tags | advisory, remote, denial of service
advisories | CVE-2018-20687
MD5 | a8abaee9db2d00c3085d72665c4b527a
TP-Link Archer VR300 1 Cross Site Scripting
Posted Nov 15, 2019
Authored by Okan Coskun, Halil Ari

TP-Link Archer VR300 version 1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d679321fdc207a974641a756b1e35bb0
WordPress Social Photo Gallery 1.0 Remote Code Execution
Posted Nov 15, 2019
Authored by Prestigia Seguridad

WordPress Social Gallery plugin version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-14467
MD5 | 1bb9591e3cec19df6dd4e98eaea723af
c0c0n 2020 Call For Papers
Posted Nov 15, 2019
Site is-ra.org

The c0c0n 2020 Middle East call for papers has been announced. It will take place June 15th through the 18th, 2020 at the St. Regis in Abu Dhabi.

tags | paper, conference
MD5 | 35d0438d221ecc7f9f17cd53842e614f
Centraleyezer Shell Upload
Posted Nov 15, 2019
Authored by Omayr Zanata

Centraleyezer suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell, file upload
advisories | CVE-2019-12271
MD5 | f78de30c506095184f3833df70fa0eb0
Kamerka 2.0
Posted Nov 15, 2019
Authored by woj-ciech

Kamerka is an OSINT tool that builds an interactive map of cameras, printers, tweets, and photos leveraging Flickr, Instagram, Shodan, and Twitter.

tags | tool
systems | unix
MD5 | 8f658a56a0219138e67ac1e7a47fb75d
iOS mediaserverd Integer Overflow Sandbox Escape
Posted Nov 15, 2019
Authored by Google Security Research, ianbeer

iOS suffers from a sandbox escape vulnerability due to an integer overflow in mediaserverd.

tags | exploit, overflow
systems | ios
MD5 | 2596a26960f328e0ae84af2d60d2f0d1
Red Hat Security Advisory 2019-3892-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3892-01 - This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-15095, CVE-2017-17485, CVE-2018-1000850, CVE-2018-11307, CVE-2018-1131, CVE-2018-11775, CVE-2018-11796, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-8009, CVE-2018-8034, CVE-2019-0201, CVE-2019-0204, CVE-2019-10173, CVE-2019-14860, CVE-2019-16869, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518
MD5 | caca5850ecb30715635fef3da933c44f
Ubuntu Security Notice USN-4194-1
Posted Nov 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-1 - Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-3466
MD5 | 3d5d5b5594832e582b24922191aae2ed
Red Hat Security Advisory 2019-3890-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3890-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14869
MD5 | 104bfffb96dddc58059aaf58fd2aebbc
Ubuntu Security Notice USN-4193-1
Posted Nov 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4193-1 - Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14869
MD5 | 4d26777cb9ff426bb18a110b0c3ac708
Red Hat Security Advisory 2019-3888-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3888-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14869
MD5 | 4b658d4553d6e4ec831b77adf3a99a72
Red Hat Security Advisory 2019-3889-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3889-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write vulnerability was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | 4263ac85ef2fe7982d3d023485738ab2
Red Hat Security Advisory 2019-3887-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3887-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. An arbitrary kernel memory write vulnerability was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | d53c3f3eb540cb8764a9a082833ccf6c
Shrew Soft VPN Client 2.2.2 Unquoted Service Path
Posted Nov 15, 2019
Authored by D.Goedecke

Shrew Soft VPN Client version 2.2.2 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | d017eded7faaf2c126706e10256364f6
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close